Local users get to play root?
Seth Vidal
skvidal at fedoraproject.org
Wed Nov 18 23:20:26 UTC 2009
On Wed, 18 Nov 2009, Richard Hughes wrote:
> 2009/11/18 Eric Christensen <eric at christensenplace.us>:
>> Has anyone drafted a notice to go out on the Announce List explaining
>> this vulnerability? If admins don't know to fix/remove PK then they are
>> putting their systems at risk.
>
> I'm really bored of this conversation. The bikeshed is blue. There are
> much bigger problems in UNIX security than installing signed packages.
> We don't set a grub password by default.
>
I think this is less subjective than bikeshed colors.
I think fesco is going to need to talk about this on friday.
-sv
More information about the fedora-devel-list
mailing list